Generates a Certificate Signing Request (CSR), using the PKCS#10 format. The key is stored as keyname in the keystore, and stores the certificate request to the certFile if supplied.
genCertReq [-certFile file_name] [-emailId email_address] [-isSensitive true | false] [-phone number] [-requestorName name] [-serverAdmin name] [-sigalg sigalg_name] [-keysize number] [-dname distinguished_name] [-userId name] keyname
<taskdef name="wst_antTask" classname="com.sybase.wst.wstool.ant.AntTask"/> <target name="genCertReq" > <wst_antTask command="genCertReq" [certFile=“file_name”] [emailId=“email_addresse” ] [isSensitive=“true | false”] [phone=“number” ] [requestorName=“name”] [serverAdmin=“name” ] [sigalg=“sigalg_name”] [keysize=“number”] [dname=“distinguished_name” ] [userId=“name”] keyname=“key” >
Where:
Option |
Description |
|---|---|
|
The signature algorithm that defines the key algorithm used and the hash method used to compute the message digest. MD5withRSA is the default. If key is of type “DSA”, the default is “SHA1withDSA”, if key is of type “RSA”, the default is “MD5withRSA” |
|
The size indicates the authentication key strength. The greater the number, the stronger the encryption. Your options are 512, 768, or 1024. 1024 is the default. |
|
The distinguished name in the format: “CN=cName, OU=orgUnit, O=org, L=city, S=state, C=countryCode” |
userId |
An optional user name or ID. |
emailId |
An optional e-mail address. |
requestorName |
An optional requestor name. |
serverAdmin |
A optional server administrator name. |
phone |
An optional phone number. |
certFile |
An optional file name. If specified, the output is written to this file; if not, it is displayed on the console. |
This example generates a CSR named certreq, using the signature algorithm md5withRSA. Information contained in the testcert key is used to generate the CSR.
wstkeytool genCertReq -sigalg md5withRSA keysize 1024 -certFile testcert testcert
